Body
Multifactor authentication (MFA) is an enhancement to the security for your ACE account that requires you to provide extra verification to verify your identity when signing into campus applications with your ACE account. By requiring extra verification to sign in, it helps keep your account from being compromised and prevents unauthorized users from accessing your personal information and university resources.
Learn how to setup MFA
How MFA Works
When you sign in with your ACE account, you sign in with your ACE username and password. Your ACE username and password is something that you know. However, in the event your ACE username and/or password is compromised, someone else can log in using your account.
MFA works to stop this by verifying who you are using something that you have, such as a smartphone or security key. When you sign in to your ACE account, you'll be asked to then verify it is actually you signing in by responding to a prompt on your smartphone or using a security key. This is referred to as satisfying MFA.
Something you know (your ACE credentials) and something you have (a device that you typically have with you) are the two factors that make multifactor authentication possible, and keeps your ACE account secure.
Why is UNLV implementing MFA?
As a student, faculty member, or staff member, your ACE account grants you access to many different systems such as your university email, WebCampus, Workday, and other applications. These technologies are owned and operated by the university and it is our responsibility to protect your access to university systems.
As an educational and research institution, UNLV maintains sensitive records of many individuals within many functional areas. Information stored includes personally identifiable information protected by the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act of 1996 (HIPPA), and other applicable privacy and security obligations. In addition to maintaining these records, UNLV must also protect academic integrity by ensuring the right person is accessing the right materials at the right time.
UNLV is joining a growing list of other universities who currently have implemented multifactor authentication, sometimes known as two-step verification. Other nearby R1 institutions utilizing MFA include, among many others:
MFA helps prevent unauthorized access to university resources and is recommended as one of the most effective methods of preventing data breaches:
Not only can data breaches leak sensitive information, they are also costly. For 2022, IBM reports the average cost of a data breach in the United States at $9.44 million and the average total cost of a breach in the healthcare industry at $10.10 million.
By implementing MFA at UNLV, your data, and the data stored about you, is better protected.
Why is this being enforced for all students and employees?
MFA helps protect your ACE account, personal information, files, data, and more from unauthorized access.
By protecting your account, you are also helping to protect the entire university. Anyone can be a target for a cyberattack. Even if you only have a small amount of access, your account may be a vulnerability that can be exploited in some way. For example, MFA helps prevent malicious actors from sending messages from your legitimate UNLV email account and tricking others into sharing information or account access with them. By implementing MFA at UNLV, we significantly reduce the number of weak points within our data systems.
Another reason for implementing MFA is to verify who is using university systems. For example, employees access Workday to initiate and approve many business processes. Students access WebCampus to take quizzes, exams, and submit assignments. Having MFA in place ensures that the person logging into these systems is indeed that person and strengthens integrity within various systems.
Enforcing MFA ensures that everyone on campus is taking an active role in cybersecurity.
What if I forget my device or it is temporarily out of service?
We suggest setting up two forms of verification methods to help ensure you are able to log into campus applications through at least one method, even if you lose access to another.
The
IT Help Desk is available to assist you if you have forgotten your device or need assistance with logging in or resetting your verification methods.
Will MFA slow down my login process?
As users of our own campus technology, we understand the importance of being able to log in quickly and easily. MFA adds an extra login step that usually only takes a few seconds.
As such, we strongly recommend using the Okta Verify app as a verification method:
- Okta Verify sends a push notification to your device almost instantly. Most customers report completing MFA only takes 5-10 seconds when using Okta Verify.
- Okta Verify can work on WiFi, cellular data, and even offline through backup code generation.
- When sending the push notification to your phone, select the “Send Push Automatically” checkbox to save even more time.
If you use a security key, the experience is similar to Okta Verify. When prompted, simply plug the key into a USB port, and tap it once prompted to do so.
Compare the features of different MFA methods to pick the best method for you. You can even add multiple MFA methods to suit your needs.
How does MFA affect my personal devices?
Public records (or "official state records" as defined in NRS 239.705) must be maintained, stored, and released in accordance with NRS Chapter 239. This is applicable regardless of whether such records are maintained on an employee's personal device. MFA codes, however, are categorized as transitory records that are not required to be saved or maintained under NSHE's record retention policy. Therefore, MFA codes would not be subject to public records requests, and do not change how you access university resources. Learn more about public records.
Nonetheless, if you do not wish to use a personal device for MFA, a security key may be a good option for one of your MFA methods. A security key is similar to a flash drive and is inserted into the USB port when you log in. Please contact the IT Help Desk for assistance with obtaining a security key.
Need Additional Help?
For additional assistance, please visit the Accounts, Access, and Identity Knowledge Base for additional articles or select a Related Service to submit a support ticket. You can also contact the IT Help Desk.